ports/71169: Update: security/samhain 1.8.10b -> 1.8.11
David Thiel
lx at redundancy.redundancy.org
Mon Aug 30 22:00:44 UTC 2004
>Number: 71169
>Category: ports
>Synopsis: Update: security/samhain 1.8.10b -> 1.8.11
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Mon Aug 30 22:00:43 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: David Thiel
>Release: FreeBSD 4.9-STABLE i386
>Organization:
>Environment:
System: FreeBSD redundancy.redundancy.org 4.9-STABLE FreeBSD 4.9-STABLE #15: Wed Nov 19 21:41:32 PST 2003 lx at redundancy.redundancy.org:/usr/obj/usr/src/sys/REDUNDANCY i386
>Description:
Updating the Samhain integrity checking system from 1.8.10b to 1.8.11.
Code changes include:
o for files in the IgnoreAll policy, there are no warnings (anymore) about
'no such user/group' and/or non-printable filenames
o there is a new option HardlinkOffset=... to specify an offset from the
canonical hardlink count for a directory
o ... and a new option AddOKChars=... to modify the set of characters in
a filename for which a warning (about obscure/non-printable) filename
is issued.
Port changes:
Turn off kernel integrity checking by default - building this into packages
wouldn't work anyhow, since it would only work with an identical kernel as
on the build cluster.
>How-To-Repeat:
>Fix:
diff -ruN samhain/Makefile samhain.new/Makefile
--- samhain/Makefile Thu Aug 12 04:20:28 2004
+++ samhain.new/Makefile Mon Aug 30 14:51:38 2004
@@ -5,7 +5,7 @@
# $FreeBSD: ports/security/samhain/Makefile,v 1.17 2004/08/11 23:00:12 pav Exp $
#
#
-# This port recognizes the following non-binary tunables:
+# This port recognizes the following non-boolean tunables:
#
# WITH_RUNAS_USER:
# Whe building with "WITH_SERVER" defined, the username of the
@@ -17,7 +17,7 @@
#
PORTNAME= samhain
-PORTVERSION= 1.8.10b
+PORTVERSION= 1.8.11
CATEGORIES= security
MASTER_SITES= http://la-samhna.de/archive/ \
http://cold.darkambient.net/
@@ -26,7 +26,7 @@
MAINTAINER= lx at redundancy.redundancy.org
COMMENT= The Samhain Intrusion Detection System
-OPTIONS= KCHECK "Enable rogue KLD detection" on \
+OPTIONS= KCHECK "Enable rogue KLD detection" off \
GPG "Enable GnuPG support" off \
MYSQL "Enable MySQL logging" off \
POSTGRESQL "Enable PostgreSQL logging" off \
@@ -111,9 +111,9 @@
.if !defined(WITHOUT_KCHECK)
@${ECHO_MSG}
- @${ECHO_MSG} "Building with kernel checking requires reading /dev/kmem."
- @${ECHO_MSG} "If you're not building as root, please hit Control-C and"
- @${ECHO_MSG} "restart the build as root."
+ @${ECHO_MSG} "Building with kernel checking requires reading /dev/kmem"
+ @${ECHO_MSG} "and /dev/mem. If you're not building as root, please hit
+ @${ECHO_MSG} "Control-C and restart the build as root."
@${ECHO_MSG}
.endif
diff -ruN samhain/distinfo samhain.new/distinfo
--- samhain/distinfo Thu Aug 12 04:20:28 2004
+++ samhain.new/distinfo Mon Aug 30 14:45:54 2004
@@ -1,2 +1,2 @@
-MD5 (samhain_signed-1.8.10b.tar.gz) = f7c638e6989cb44287e814cf008877cd
-SIZE (samhain_signed-1.8.10b.tar.gz) = 972170
+MD5 (samhain_signed-1.8.11.tar.gz) = b07d557a4fd598d9406b8338204e20f9
+SIZE (samhain_signed-1.8.11.tar.gz) = 956426
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list